Building a SOC

Security Operations Lessons: What My Team Learned Building and Maturing a SOC

Scott Worden, Security Engineer

Building and maturing a Security Operations Center (SOC) is different for every organization. In this guest post, a security engineer at an insurance company in the Midwest shares what he learned as part of a three-person security team charged with implementing a SOC. The following views are his own and not those of his organization or team. Someone once said … Read More

Common SIEM Issues

Why a SIEM Won’t Solve All Your Problems: 5 Common Issues and How to Avoid Them

Justin Henderson

Today’s organizations suffer from a gap in detection capabilities. Research such as the Mandiant M-Trends report shows that the median time to detect an adversary is 99 days. Even if you interpret this with a grain of salt, there’s no doubt that the ability to catch an adversary is far from where it should be. Many organizations look to implement … Read More

Security Architect Lessons

Security Architect Lessons: What I Learned Managing and Assessing Cyber Risk at a Fortune 200

Michael Haag

I worked as the security leader of a global Fortune 200 organization for two years, where I was responsible for cyber security strategy, architecture, and risk reduction during an extended phase of rapid growth and acquisition. I focused on ensuring we had visibility across the most vital layers while working with each entity to mature their security posture and address … Read More

Security Team Development

Building a Winning Security Team: Practical Tips on Training and Team Development

Phil Hagen

The most fundamental truth in information security is that we need smart people to do the most important parts of the job. Regardless of how many racks of servers, gazillions of dollars of software, or dozens of threat intel “feeds” we invest in, they won’t provide the slightest impediment to adversaries without real live humans to run the show. This … Read More

Cryptocurrency Trends

Cryptocurrency Trends: Will Ransomware Be Overtaken by Miners?

Joe Moles

This last year you couldn’t turn on the TV, look at social media, or visit your favorite internet news source without being faced with another story of a ransomware compromise. These attacks are highly destructive and largely driven by financial gain. Threat trends and methods to “make a quick buck” will continue, while new methodologies rise to the forefront. Based … Read More

Call to Arms: 4 Things Everyone in InfoSec Should Stop Doing Right Now

Joe Moles

While I’ve always been passionate about working in InfoSec, I can’t help but feel jaded about the way our industry approaches some things. We run around pointing fingers at each other with slander marketing, we use Twitter as an intel sharing platform, and we cry out that the sky is falling every time a researcher posts a new post exploit … Read More